CN107040540B - Cloud privacy data display method and device, server and mobile terminal - Google Patents

Cloud privacy data display method and device, server and mobile terminal Download PDF

Info

Publication number
CN107040540B
CN107040540B CN201710262874.8A CN201710262874A CN107040540B CN 107040540 B CN107040540 B CN 107040540B CN 201710262874 A CN201710262874 A CN 201710262874A CN 107040540 B CN107040540 B CN 107040540B
Authority
CN
China
Prior art keywords
privacy
data
application
display
service system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710262874.8A
Other languages
Chinese (zh)
Other versions
CN107040540A (en
Inventor
魏伟刚
郭辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Anyun Century Technology Co Ltd
Original Assignee
Beijing Anyun Century Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Anyun Century Technology Co Ltd filed Critical Beijing Anyun Century Technology Co Ltd
Priority to CN201710262874.8A priority Critical patent/CN107040540B/en
Publication of CN107040540A publication Critical patent/CN107040540A/en
Application granted granted Critical
Publication of CN107040540B publication Critical patent/CN107040540B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1066Hiding content
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/75Indicating network or usage conditions on the user display

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)
  • User Interface Of Digital Computer (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention provides a method and a device for displaying cloud privacy data, a server and a mobile terminal, which can receive a cloud data access request; judging whether the cloud data access request is sent by a privacy service system; if the cloud data access request is not sent by the privacy service system, the privacy data is not allowed to be displayed in a display interface of the client; and if the cloud data access request is sent by the privacy service system, allowing the privacy data to be displayed in a display interface of the client. Therefore, the problem that some private data and common data can be displayed on a display interface of cloud storage and can be leaked inadvertently is solved, and the method has the beneficial effect of protecting the private data at the cloud end by further verifying the identification of the privacy service system.

Description

Cloud privacy data display method and device, server and mobile terminal
Technical Field
The invention relates to the technical field of mobile terminals, in particular to a cloud privacy data display method and device, a server and a mobile terminal.
Background
With the rapid development of terminal equipment technology, when the corresponding mobile terminal equipment completes daily tasks of work, consumption or entertainment, the application developed corresponding to the system applicable to each terminal is provided, wherein in order to protect private data in some applications, the private data is uploaded to a cloud server for storage.
However, when a user views the uploaded data in the client of the cloud server, some private data and general data are displayed on a display interface of the cloud storage, and are leaked inadvertently, so that unnecessary loss is caused to the user.
Disclosure of Invention
In view of the above problems, the present invention has been made to provide a cloud private data display method and apparatus, a server, and a mobile terminal that solve the above problems or at least partially solve the above problems.
The invention provides a cloud privacy data display method in a first aspect, which comprises the following steps: receiving a cloud data access request; judging whether the cloud data access request is sent by a privacy service system; if the cloud data access request is not sent by the privacy service system, the privacy data is not allowed to be displayed in a display interface of the client; and if the cloud data access request is sent by the privacy service system, allowing the privacy data to be displayed in a display interface of the client.
With reference to the first aspect, in a first implementation manner of the first aspect, the determining whether the cloud data access request is sent by a privacy service system includes: judging whether the cloud data access request comprises a privacy identification aiming at a privacy service system; if the cloud data access request does not include the privacy identification, determining that the access request is not sent by a privacy service system; if the cloud data access request comprises the privacy identification, determining that the access request is sent by a privacy service system.
With reference to the first aspect, in a second implementation manner of the first aspect, the step of disallowing display of the private data in the display interface of the client includes: and hiding the private data display entrance component in the cloud data display page returned to the client.
With reference to the first aspect, in a third implementation manner of the first aspect, after the step of disallowing display of private data in the display interface of the client, the method further includes: receiving a privacy verification code for displaying the privacy data; and when the verification of the privacy verification code is passed, allowing the privacy data to be displayed in a display interface of the client.
With reference to the first or third implementation manner of the first aspect, in a fourth implementation manner of the first aspect, the step of allowing the private data to be displayed in the display interface of the client includes: and displaying the private data display entry component in a cloud data display page returned to the client.
With reference to the fourth implementation manner of the first aspect, in a fifth implementation manner of the first aspect, the step of displaying the private data display entry component in the cloud data display page returned to the client includes: and when a private data display request triggered by the client through the entrance component is received, acquiring corresponding private data and returning the private data to the client for display.
With reference to the fourth implementation manner of the first aspect, in a sixth implementation manner of the first aspect, the privacy data display entry component includes: and a control corresponding to the private folder directory.
With reference to the first aspect, in a seventh implementation manner of the first aspect, before the step of receiving the cloud data access request, the method further includes: and receiving the privacy data in the privacy space of the privacy service system uploaded by the client and storing the privacy data.
A second aspect of the present invention provides a cloud privacy data display method, including: after receiving an access operation of a cloud data display page of an access cloud server, judging whether a management process of a privacy service system is in an open state; if the management process of the privacy service system is in an open state, sending a cloud data access request including a privacy identifier to the cloud server so as to inform the cloud server to return a display page allowing privacy data to be displayed for display; and if the associated process of the privacy service system is in a closed state, sending a data access request without a privacy identifier to the cloud server so as to inform the cloud server to return a display page which does not allow the privacy data to be displayed for displaying.
With reference to the second aspect, in a first implementation manner of the second aspect, the presentation interface that allows displaying the private data includes: a presentation page displaying the private data display portal component; the display interface which does not allow the private data to be displayed comprises: the presentation page of the private data display portal component is hidden.
With reference to the second aspect, in a second implementation manner of the second aspect, before the step of determining whether the management process of the privacy service system is in an open state after receiving an access operation of accessing a cloud data presentation page of the cloud server, the method further includes: receiving an instruction of adding each application to the privacy application service so as to add each application information to the privacy application list; the privacy application service is registered in a system service list; if the fact that the application process calling the privacy application in the privacy application list does not have privacy application access permission is detected, the privacy application in the privacy application list is shielded for the application process; if the privacy application is detected to send a message for calling a notification sending interface, judging whether the management process of the privacy service system is in a closed state; and if the management process of the privacy service system is in a closed state, filtering the message.
With reference to the second aspect, in a third implementation manner of the second aspect, before the step of determining whether the management process of the privacy service system is in an open state after receiving an access operation of accessing a cloud data presentation page of the cloud server, the method further includes: if the application calling the privacy application in the privacy application list is detected to have the privacy application access right, judging whether the management process of the privacy service system is in an open state or not; if the management process of the privacy service system is in an open state, encrypting the data written in the process or decrypting the data read by the process through encryption or decryption service provided by encryption and decryption management service; the encryption and decryption management service is registered in a system service list.
A third aspect of the present invention provides a cloud privacy data display apparatus including: the request receiving module is used for receiving a cloud data access request; the judging module is used for judging whether the cloud data access request is sent by a privacy service system; the hiding module is used for disallowing the private data to be displayed in a display interface of the client if the cloud data access request is not sent by the private service system; and the display module is used for allowing the private data to be displayed in a display interface of the client if the cloud data access request is sent by the privacy service system.
With reference to the third aspect, in a first implementation manner of the third aspect, the determining module includes: the first judgment submodule is used for judging whether the cloud data access request comprises a privacy identification aiming at a privacy service system; a determining sub-module, configured to determine that the access request is not sent by a privacy service system if the cloud data access request does not include the privacy identifier; and the second judgment submodule is used for determining that the access request is sent by a privacy service system if the cloud data access request comprises the privacy identification.
With reference to the third aspect, in a second implementation manner of the third aspect, the hiding module includes: and the hiding submodule is used for hiding the private data display entrance component in the cloud data display page returned to the client.
With reference to the third aspect, in a third implementation manner of the third aspect, the present invention further includes: the verification code receiving module is used for receiving a privacy verification code used for displaying privacy data; and the privacy data display module is used for allowing the privacy data to be displayed in a display interface of the client when the privacy verification code passes verification.
With reference to the first or third implementation manner of the third aspect, in a fourth implementation manner of the third aspect, the display module includes: and the display sub-module is used for displaying the private data display entry component in the cloud data display page returned to the client.
With reference to the fourth implementation manner of the third aspect, in a fifth implementation manner of the third aspect, the display sub-module includes: and the display unit is used for acquiring corresponding privacy data and returning the privacy data to the client for display when receiving a privacy data display request triggered by the client through the entrance component.
With reference to the fourth implementation manner of the third aspect, in a sixth implementation manner of the third aspect, the privacy data display entry component includes: and a control corresponding to the private folder directory.
With reference to the third aspect, in a seventh implementation manner of the third aspect, the present invention further includes: and the uploading module is used for receiving the privacy data uploaded by the client in the privacy space of the privacy service system and storing the privacy data.
A fourth aspect of the present invention provides a cloud privacy data display apparatus, including: the privacy service system state judgment module is used for judging whether the management process of the privacy service system is in an open state or not after receiving the access operation of the cloud data display page of the access cloud server; the display request sending module is used for sending a cloud data access request including a privacy identifier to the cloud server to inform the cloud server to return a display page allowing the privacy data to be displayed for displaying if the management process of the privacy service system is in an open state; and the hidden request sending module is used for sending a data access request which does not include the privacy identification to the cloud server if the associated process of the privacy service system is in a closed state so as to inform the cloud server to return a display page which does not allow the privacy data to be displayed for displaying.
With reference to the fourth aspect, in a first implementation manner of the fourth aspect, the presentation interface that allows display of the private data includes: a presentation page displaying the private data display portal component; the display interface which does not allow the private data to be displayed comprises the following steps: the presentation page of the private data display portal component is hidden.
With reference to the fourth aspect, in a second implementation manner of the fourth aspect, the present invention further includes: the privacy application service module is used for receiving an instruction of adding each application into the privacy application service so as to add each application information into a privacy application list; the privacy application service is registered in a system service list; the shielding module is used for shielding the privacy application in the privacy application list for the application process if the application process calling the privacy application in the privacy application list does not have the privacy application access authority; the privacy service system judgment module is used for judging whether the management process of the privacy service system is in a closed state or not if the privacy application is detected to send a message for calling a notification sending interface; and the filtering module is used for filtering the message if the management process of the privacy service system is in a closed state.
With reference to the fourth aspect, in a third implementation manner of the fourth aspect, the present invention further includes: the detection module is used for judging whether the management process of the privacy service system is in an open state or not if detecting that the application calling the privacy application in the privacy application list has the privacy application access authority; the encryption and decryption module is used for encrypting the data written in the process or decrypting the data read by the process through encryption or decryption services provided by the encryption and decryption management service if the management process of the privacy service system is in an open state; the encryption and decryption management service is registered in a system service list.
According to the fifth aspect of the present invention, there is also disclosed a server, comprising a processor and a memory,
the memory is used for storing a program for executing the cloud privacy data display method of the first aspect;
the processor is configured to execute programs stored in the memory.
According to a sixth aspect of the present invention, there is also disclosed a computer storage medium for storing computer software instructions for the cloud private data display apparatus, which includes a program designed for the cloud private data display apparatus for executing the first aspect.
According to a seventh aspect of the present invention, there is also disclosed a mobile terminal, comprising a processor and a memory,
the memory is used for storing a program for executing the cloud privacy data display method of the second aspect;
the processor is configured to execute programs stored in the memory.
According to an eighth aspect of the present invention, there is also disclosed a computer storage medium for storing computer software instructions for the cloud private data display apparatus, which includes a program designed for the cloud private data display apparatus for executing the second aspect.
According to the cloud privacy data display method and device, the server and the mobile terminal, whether the cloud data access request is sent by the privacy service system is judged by receiving the cloud data access request, if the cloud data access request is not sent by the privacy service system, the privacy data are not allowed to be displayed in the display interface of the client, and if the cloud data access request is sent by the privacy service system, the privacy data are allowed to be displayed in the display interface of the client. Therefore, the problem that some private data and common data are displayed on a display interface of cloud storage and can be leaked inadvertently is solved, and the method has the beneficial effect of protecting the private data at the cloud end by further verifying the identification of the privacy service system.
The foregoing description is only an overview of the technical solutions of the present invention, and the present invention can be implemented according to the content of the description in order to make the technical means of the present invention more clearly understood, and the specific embodiments of the present invention are described below in order to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like parts are denoted by like reference numerals throughout the drawings. In the drawings:
FIG. 1 depicts a flowchart of the steps of one embodiment of a method of displaying cloud privacy data in accordance with the present invention;
FIG. 2 is a flow diagram illustrating steps of another embodiment of a method for displaying cloud privacy data in accordance with the present invention;
FIG. 2A illustrates a schematic view of a privacy service system display interface in accordance with the present invention;
FIG. 2B illustrates a schematic view of a privacy service system display interface in accordance with the present invention;
FIG. 3 is a flow diagram illustrating steps of another embodiment of a method for displaying cloud privacy data in accordance with the present invention;
FIG. 4 is a block diagram illustrating an embodiment of a cloud privacy data display apparatus according to the present invention;
fig. 5 is a block diagram showing another embodiment of a cloud privacy data display apparatus according to the present invention;
fig. 6 is a block diagram showing another embodiment of a cloud privacy data display apparatus according to the present invention;
fig. 7 is a block diagram showing a structure of a handset portion of a mobile terminal provided in an embodiment of the present invention;
fig. 8 shows a block diagram of a server provided in an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Referring to fig. 1, a flowchart illustrating steps of an embodiment of a cloud privacy data display method according to the present invention is shown, and specifically may include the following steps:
step 101, receiving a cloud data access request.
In the embodiment of the invention, when a user adds data in a mobile terminal through a cloud service client or uploads the data to a cloud service through a sharing function, the data selected by the user is uploaded to a corresponding cloud server when the mobile terminal is networked, and the data is uploaded and stored in the cloud server to become cloud data, the user can log in the client of the cloud server on different devices by using the same user name or password to check and store the data, wherein when the user can access the cloud data in the mobile terminal at a PC (personal computer) end, the client of the cloud server receives a cloud data access request when the user opens the client to check the cloud data stored in the cloud server, the access request is usually sent to the cloud server end through a network session (session), and the information of the session is stored in the cloud server, if the user inputs the user name and the password for logging in, the cloud server returns the session _ id to the browser, and then the browser sends the session _ id to the cloud server every time any page of the website is accessed, the cloud server can distinguish different sessions according to the session _ id, and meanwhile, only the cloud server stores any information related to the sessions.
And step 102, judging whether the cloud data access request is sent by a privacy service system, if so, executing step 104, otherwise, executing step 103.
In the embodiment of the invention, after the cloud server receives the session of the cloud data access request sent by the user, the configuration information contained in the session information indicates the source sent by the session, and whether the session is from the privacy service system or not can be determined through the session information. The session information may include a system identifier of the privacy service system, and the type of the system identifier is not limited in the embodiment of the present invention.
And 103, if the cloud data access request is not sent by the privacy service system, not allowing the privacy data to be displayed in a display interface of the client.
In the embodiment of the invention, if the request is determined not to be sent by the privacy service system according to the system identification contained in the session information of the cloud data request page, when the cloud server sends the display interface, only the page which does not contain the uploaded data in the privacy service system is sent. The CSS hiding and displaying marks are added during webpage editing, and the displaying and hiding marks are correspondingly adjusted according to contents to be displayed or hidden in the webpage, so that the effect of hiding the cloud data sent by the privacy service system on a client display interface is achieved.
In practical applications, the CSS edits the web page with an attribute element name, meaning element transparency, which is not designed for changing the bounding box (bounding box) of the element. This means that setting optity to 0 can only hide elements visually. The element itself still occupies its own position and acts on the layout of the web page, and the hide function can be used interactively through hide () function to achieve the goal of hiding.
And 104, if the cloud data access request is sent by the privacy service system, allowing the privacy data to be displayed in a display interface of the client.
In the embodiment of the invention, similarly, when the webpage is edited, CSS hiding and displaying marks are added, wherein the attribute is visibility, the value of the attribute is set to hidden, and elements needing to be hidden are hidden. Like the accessibility attribute, hidden elements will still work with our web page layout. The only difference with respect to accessibility is that it does not respond to any user interaction. In addition, the elements are also hidden in the screen reading software. If the visibility of an element is set to hidden while wanting to display some descendant of it, it is sufficient to set the visibility of that element explicitly to visible.
In addition, the display attribute actually hides the element according to word sense. Setting the display attribute to none ensures that the element is not visible and that no boxed model is generated. Using this property, elements that are hidden do not occupy any space. Furthermore, once display is set to none, any direct user interaction with the element cannot be effected. In addition, the screen reading software cannot read the content of the element, and the effect generated by the mode is completely nonexistent for the pixel.
In practical application, the corresponding parameters are set by using the elements when the webpage is edited by using the CSS, and whether the privacy service system identifier exists in the request received by the cloud server or not is further determined, and the hidden mark in the webpage is further determined to be displayed or hidden.
In practical applications, the manner of hiding and displaying the web page content is not limited to the above description, and the embodiment of the present invention does not limit this.
In the embodiment of the invention, whether the cloud data access request is sent by the privacy service system is judged by receiving the cloud data access request, if not, the privacy data is not allowed to be displayed in the display interface of the client, and if the cloud data access request is sent by the privacy service system, the privacy data is allowed to be displayed in the display interface of the client. Therefore, the problem that some private data and common data are displayed on a display interface of cloud storage and can be leaked out inadvertently is solved, and the method has the beneficial effect of protecting the private data at the cloud end by further verifying the identification of the privacy service system.
Referring to fig. 2, a flowchart illustrating steps of another embodiment of a cloud privacy data display method according to the present invention is shown, and specifically may include the following steps:
step 201, receiving privacy data in a privacy space of a privacy service system uploaded by a client and storing the privacy data.
In the embodiment of the present invention, after the cloud server is established, a receiving processing program is established in the cloud server, and the receiving processing program has various forms as long as it can provide a connection for receiving data, wherein common forms include the following, TCP services: creating socket- > binding port- > listen listening- > accept tcp connection- > processing data- > closing connection. UDP service: create socket- > bind port- > receive data- > process data. HTTP service: an IIS or apache site is created, a site port is designated, a data receiving and processing code file is established in the site, a URL of http:// cloud server ip: port/processing program is formed, and get or post data is received. And after the receiving processing program of the cloud server is established, the data is connected to the receiving processing program provided by the cloud server to finish the uploading of the data. The upload route of the data that is usually tried can also use various ways: the GPRS is used, a GPRS processing module is added to the acquisition node, the acquired data are transmitted to the cloud server through the GPRS, and a protocol of data transmission is determined according to a receiving processing program of the cloud server, namely TCP, UDP or HTTP. And transmitting the acquired data to a PC (personal computer) through a serial port, establishing a data transmission program by the PC, and transmitting the data to a cloud server through TCP (transmission control protocol), UDP (user datagram protocol) or HTTP (hyper text transport protocol). The collected data is connected to the cloud server for transmission through equipment such as a network port or a serial port-to-network port by using TCP, UDP or HTTP.
After receiving the data, the receiving and processing program of the cloud server can store the data as required, and the storage mode can have various forms as required: the data can be stored in a text form, namely, for example, a notebook is written, the data can be in a simple text form of one line and one line, or in an xml form, as long as the subsequent reading is convenient. The data can be stored in a database form, and the database can be Access, SQL Server, Oracle, MySQL, PortgreSQL and the like. Because the collected data is related to specific services, if the data has agreement, the data can be analyzed according to the agreement. If "10, 25" is received, perhaps agreeing to "device identification, temperature", it may be stored in the database as a table having two fields, each field storing a corresponding value.
Through the described common method, after a request of a user for uploading data on a mobile terminal or a cloud service client of a PC (personal computer) terminal is received, the data selected by the user is uploaded to a cloud server and stored.
Step 202, receiving a cloud data access request.
This step is the same as step 101 and will not be described in detail here.
Step 203, determining whether the cloud data access request includes a privacy identifier for a privacy service system, if yes, executing step 206, and otherwise, executing step 204.
In the embodiment of the invention, when uploading the private data aiming at various network clouds or cloud storage servers of cloud platforms, the data uploaded from different sources can be processed differently, for example, when the uploaded data is uploaded through a privacy service system, the uploaded data is encrypted and uploaded, the private data is divided into blocks through a data block dividing module of a local secure uploading engine, and an encryption algorithm distribution module of the secure uploading engine distributes an encryption algorithm to each divided data block. The encryption algorithm is derived from a local algorithm and a key database, can be customized by a user, and can also refer to various existing simple or complex encryption algorithms. The embodiments of the present invention are not limited in this respect.
The method comprises the steps that for each encryption algorithm, a unique identifiable identifier is locally arranged at a terminal, when uploaded data and the corresponding unique identifiable identifier are stored in a cloud server, whether the privacy identifier of the privacy service system exists in the data is judged, the request content and the unique identifiable identifier in the access request can be read, the encryption identifier or the unique identifiable identifier in the request content is further read, and if the identifier in the request is consistent with the privacy identifier of the privacy service system acquired from the cloud server, the access request comprises the privacy identifier of the privacy service system
Step 204, if the cloud data access request does not include the privacy identification, determining that the access request is not sent by a privacy service system.
In the embodiment of the invention, if the request content and the unique identifiable identifier in the access request are not matched with the privacy identifier of the privacy service system in the privacy data acquired from the cloud server, the access request is determined not to be sent by the privacy service system.
Step 205, if the cloud data access request is not sent by the privacy service system, the privacy data is not allowed to be displayed in the display interface of the client.
This step is the same as step 103 and will not be described in detail here.
Preferably, step 205 specifically includes:
substep 2051, hiding the private data display entry component in the cloud data presentation page returned to the client.
In the embodiment of the invention, if the access request is determined not to be sent by the privacy service system, the value of the display visibility corresponding to the uploaded data of the privacy service system in the webpage returned by the cloud server is set as hidden, and the privacy data entry component is hidden. The private data display portal component includes: control corresponding to private folder directory
Of course, the above method for hiding the private data in the CSS attribute value modification manner is not the only method for hiding the private data, and the embodiment of the present invention is not limited thereto.
Preferably, in another embodiment of the present invention, after step 205, the method may further include:
in step 205A, a privacy verification code for displaying the privacy data is received.
In the embodiment of the present invention, when a privacy data access request sent by a user includes privacy verification, the situations are divided into two types, the first type is: when the privacy service system is started, whether a user accesses privacy data stored in the cloud server at a mobile client or a PC (personal computer) terminal, the user can see a privacy data folder displayed on a cloud display interface, when the user wants to open the privacy data folder to check the privacy data, the cloud server can start a verification mode, a check code is sent to a mobile terminal of the user, or the check code is displayed in a browser, or the user is required to provide a user name and a password for logging in the privacy service system, and after the privacy verification code for displaying the privacy data is received by the cloud server, the next step is carried out. And the second method comprises the following steps: when a user sends an access request of cloud privacy data through the privacy service system, the request carries a privacy verification code, wherein the privacy verification code comprises sessionID of the user in a state of logging in the privacy service system, the user receives the corresponding sessionID after receiving the request, and the next step is carried out.
The privacy verification code in the first case may be a two-dimensional code, a verification code, a fingerprint, an iris, and other verification codes that uniquely identify the user identity information, which is not limited in this embodiment of the present invention.
And step 205B, when the privacy verification code passes verification, allowing the privacy data to be displayed in a display interface of the client.
In the embodiment of the invention, after the privacy verification code is received, the privacy verification code is matched with the privacy verification code stored in the cloud, if the matching is successful, the privacy verification code passes the verification, and a user can open a folder for storing the privacy data and check the privacy data.
Step 206, if the cloud data access request includes the privacy identification, determining that the access request is sent by a privacy service system.
In the embodiment of the invention, if the request content and the unique identifiable identifier in the access request are read and matched with the privacy identifier of the privacy service system of the privacy data acquired from the cloud server, the access request is determined to be sent by the privacy service system.
And step 207, if the cloud data access request is sent by the privacy service system, allowing the privacy data to be displayed in a display interface of the client.
This step is the same as step 104 and will not be described in detail here.
Preferably, step 207 specifically includes:
substep 2071, displaying the private data display entry component in the cloud data display page returned to the client.
In the embodiment of the present invention, according to the description in step 205A, after receiving the privacy verification code, the privacy verification code is matched with the privacy verification code stored in the cloud, and if the matching is successful, the privacy verification code passes the verification, and a value of display visibility corresponding to data uploaded by the privacy service system in a webpage returned by the cloud server is set as visible, so that a corresponding privacy data entry component can be displayed.
Preferably, the substep 2071 specifically comprises:
substep 20711, when receiving the private data display request triggered by the client through the portal component, obtaining the corresponding private data and returning the private data to the client for display. The private data display portal component comprises: and a control corresponding to the private folder directory.
In the embodiment of the present invention, after an access request for accessing private data is sent to a cloud server, the cloud server assigns a login _ token to the cloud server and records a session _ id corresponding to the login, where the login _ token is equivalent to a private verification code for verification login, and includes a parameter of a website qr _ verify _ url, and the cloud server receives the request, finds that app _ token and login _ token are both valid, finds the session _ id corresponding to the login _ token, and displays the web page content corresponding to the app _ token and the login _ token to a user, that is, returns corresponding private data to a client for display, where the private data display entry component includes: and a control corresponding to the private folder directory.
In the embodiment of the invention, the method comprises the steps of receiving privacy data in a privacy space of a privacy service system uploaded by a client and storing the privacy data, receiving a cloud data access request, judging whether the cloud data access request comprises a privacy identifier, if not, not allowing the privacy data to be displayed in a display interface of the client, if so, allowing the privacy data to be displayed in the display interface of the client, further receiving a privacy verification code for displaying the privacy data, and if the privacy verification code passes verification, allowing the privacy data to be displayed in the display interface of the client, otherwise, not displaying. Therefore, the problem that some private data and common data are displayed on a display interface of cloud storage and can be leaked inadvertently is solved, and the method has the beneficial effect of protecting the private data at the cloud end by further verifying the identification of the privacy service system.
Referring to fig. 3, a flowchart illustrating steps of an embodiment of a cloud privacy data display method according to the present invention is shown, and specifically may include the following steps:
step 301, after receiving an access operation of accessing a cloud data presentation page of a cloud server, determining whether a management process of the privacy service system is in an open state, if so, executing step 302, otherwise, executing step 303.
In the embodiment of the invention, when the cloud service client is started on the mobile terminal side and the cloud data is accessed, whether the management process of the privacy service system is in the starting state or not can be identified through the state identification of the privacy service system, when the privacy service system is started, the identification can be automatically changed into the starting state, when the privacy service system is closed, the identification can be changed into the closing state, and the identification is recorded in the privacy application service so that all applications can read the numerical value of the identification.
Of course, the state identifier is identified by numbers or characters at the bottom layer, and the embodiment of the present invention is not limited thereto.
Step 302, if the management process of the privacy service system is in an open state, sending a cloud data access request including a privacy identification to the cloud server to inform the cloud server to return a display page allowing the privacy data to be displayed for displaying.
In the embodiment of the invention, if the management process of the privacy service system is in an open state, the information in the session included in the data access request sent to the cloud service comprises the privacy identification of the privacy service system, so that the display page for displaying the privacy data is returned through the verification of the privacy identification of the cloud server. CSS hide and show flag, attribute is visibility, and its value is set as visibility
Step 303, if the associated process of the privacy service system is in a closed state, sending a data access request not including the privacy identifier to the cloud server to notify the cloud server to return a display page not allowing to display the privacy data for display.
In the embodiment of the invention, if the associated process of the privacy service system is in a closed state, the information in the session included in the data access request sent to the cloud service does not include the privacy identification of the privacy service system, and the information cannot pass the verification of the privacy identification of the cloud server, and then the information is returned to the display page for displaying the privacy data, wherein the privacy data are hidden. Here, the CSS hide and display flag has a visibility as an attribute, and its value is set to hidden.
Preferably, the display interface allowing the display of the private data includes: a presentation page displaying the private data display portal component; the display interface which does not allow the private data to be displayed comprises the following steps: the display page of the private data display entry component is hidden.
In the embodiment of the present invention, the page capable of displaying the private data includes a private data display entry component, where the entry component is a private data folder or a file directory component. Of course, when the presentation interface of the private data is not allowed to be displayed, the private data folder or the file directory component is hidden.
Preferably, in another embodiment of the present invention, before step 301, further comprising:
step 301A, receiving an instruction for adding each application to the privacy application service, so as to add each application information to the privacy application list; the privacy application service is registered in a system service list.
In the embodiment of the present invention, there are many services in the framework layer of the mobile terminal system, taking an android system as an example, the system framework layer includes a PMS (package management service), which includes: QueryIntent Activities: for querying all compliant applications according to network (Intent) parameters, getlnstalled Packages: acquiring all Installed application packages, Get Installed Applications: all installed applications are acquired. NMS (notificationargeservice notification management service), which includes: enqueue Notification Internal: and displaying the notification information of the processing status bar. AMS (ActivityManagerService application execution management service), comprising: get Recent Tasks: acquiring a Running task, Get Running App Processes: acquiring a running process, Get Services: acquiring a running service, Broadcast Intent Lockecd: processing the broadcast sent by the application, Start Activity: and starting the application interface. These general services implement the calling of various functions of the system in a manner of providing a common interface to the system, so that an application installed in the system can call an interface disclosed in these services, for example, by calling a notification sending interface provided in a notification management service, implement the function of sending a notification by the application, and when the notification is presented in a notification bar of a display interface, call a notification display interface provided in an application running management service again, and present the notification content in a specific form in the notification bar or in the system interface. Aiming at the management of the Privacy application, a Privacy application Service (Privacy App Service) is added in a system framework layer, a Privacy App Service class object is directly created, the system Service can access the Privacy application Service through the object, all interfaces of the Privacy application and related matters of the Privacy application addition and deletion can be managed by the Service, and a Privacy application list can be created, so that the Privacy application Service is registered in the system Service.
In practical application, firstly, a developer adds a privacy application service and a logic for running the privacy application service in a system framework layer, when a user adds an application in the system as a privacy application, a privacy application list is established in the privacy application service, the list is stored in a storage area corresponding to the privacy application in a file form and is opened to the outside, and the name of the privacy application is added to the privacy application list whenever the user adds a privacy application in the privacy service system.
Step 301B, if it is detected that the application process calling the privacy application in the privacy application list does not have the privacy application access right, shielding the privacy application in the privacy application list from the application process;
in the embodiment of the present invention, further, when a user adds a privacy application in a privacy service system, and after a privacy application list is established by a privacy application service according to the addition of the user, the privacy application in the list is managed and protected, so when an application calling an interface provided by the privacy application is detected, whether the application has an access right of the privacy application is verified, if the application does not have the access right of the privacy application, the privacy application in the privacy application list is shielded for the process, that is, after a system service receives an application access request of any application, a call request is sent to the privacy application service, and the privacy application service shields an access interface for accessing the application in the system service, shields the privacy application, and makes the access interface unable to obtain the privacy application, so that the application cannot access the privacy application through the system service.
When verifying whether the application accessing the privacy application has the access right of the privacy application, acquiring all Running processes by calling a function 'Get Running application processes' in an AMS (active management service), acquiring an application name for Running the process according to information in the process, then acquiring an application package name in a privacy application list by an interface provided by a privacy application service (privacyAppartService), and if the application package name of the process accessing the privacy application is not included in the privacy application list, the application does not have the access right of the privacy application.
Step 301C, if it is detected that the privacy application sends a message for calling a notification sending interface, determining whether a management process of a privacy service system is in a closed state;
step 301D, if the management process of the privacy service system is in a closed state, filtering the message.
In the embodiment of the invention, if the system detects that the notification interface of the privacy application calling system is detected, a message for calling the notification sending interface is sent, and at the moment, whether the management process of the current privacy service system is in a closed state or not is further judged.
When the NMS receives an application call notification sending interface, and the application directly calls a system notification interface by using a Privacy App Service class object created by the Privacy application Service, the on-off state of the management process of the Privacy Service system is obtained through a state interface provided by the Privacy application Service.
Preferably, in another embodiment of the present invention, before step 301, the method may further include:
step 301a, if it is detected that the application calling the privacy application in the privacy application list has the access permission of the privacy application, determining whether the management process of the privacy service system is in an open state.
In the embodiment of the invention, when an application calls an interface provided by a privacy application to access the privacy application, whether the application has the access right of the privacy application is judged firstly, and when the application is verified and determined to have the access right of the privacy application, whether a privacy service system is in a closed state is further judged, wherein the application can be identified through a state identifier of the privacy service system, the identifier can be automatically changed into an open state when the privacy service system is opened, the identifier can be changed into a closed state when the privacy service system is closed, and the identifier is recorded in the privacy application service so that all applications can read the value of the identifier.
Step 301b, if the management process of the privacy service system is in an open state, encrypting the data written in the process or decrypting the data read by the process by the encryption or decryption service provided by the encryption and decryption management service; the encryption and decryption management service is registered in a system service list.
In the embodiment of the invention, when determining that an application accessing the privacy application has the access right of the privacy application and determines that the management process of the privacy service system is in an open state, when the application calls an interface of the privacy application to read or write data, a public encryption/decryption interface provided by an encryption management service is called first, when detecting that the encryption/decryption interface is called, since the application is verified to have the access right of the privacy application, the encryption/decryption management service is also open for the application, at this time, the data to be read or written by the application calls an encryption plug-in or a decryption plug-in a user space file system (FUSE file system) according to the encryption/decryption management service to encrypt and decrypt the corresponding data of the accessed privacy application, wherein the privacy service system not only manages the privacy application, and for the management of some private data, such as audio, video, picture and other data, the storage path of the data can be found through the FUSE file system, so when detecting that an application calls the data in the privacy service system, after the identity is successfully verified, the read-write operation of the access data is realized by calling the encryption and decryption interface.
In practical application, when it is monitored that an encryption and decryption interface is called by an application process, whether the application has the access authority of the privacy application is judged, if the judgment result shows that the application does not have the access authority of the privacy application, a connection switch (Binder) between the encryption and decryption interface and the encryption and decryption management service is closed, and the application without the authority cannot read and write the data of the privacy application through encryption and decryption.
Preferably, in another embodiment of the present invention, after step 301b, the method further includes:
step A301, the encryption and decryption management service returns the state and the quantity of the encrypted and decrypted data to the application process calling the encryption and decryption interface through the encryption and decryption interface.
In the embodiment of the invention, when an encryption plug-in or a decryption plug-in the FUSE file system is called through the encryption and decryption management service, and corresponding data of an accessed privacy application is encrypted or decrypted, a receipt message is sent to the encryption and decryption management service, wherein the receipt message comprises information such as encryption and decryption states, the number and the size of the encrypted and decrypted data.
In practical application, an encryption and decryption algorithm is stored in an encryption plug-in or a decryption plug-in the FUSE file system, the encryption and decryption are realized by calling the algorithm in the encryption and decryption process, the encryption and decryption algorithms are various at present, and the encryption and decryption algorithms are not limited in the embodiment of the invention.
Preferably, in another embodiment of the present invention, before step 301b, the method further includes:
step A302, an application package management service is called to obtain a package name and a corresponding instance identifier of an application corresponding to the application process.
In the embodiment of the present invention, when determining whether an application has a privacy application access right, an application package name and an instance identifier of the application and a privacy application accessed by the application are first acquired, where the application package name and the instance identifier may be acquired through information stored in an application package management service, an application running management service, and a notification management service during running of each application, where the application package name of the application may be acquired in the application package management service, and the instance identifier is usually a suffix name of the application package name, so as to distinguish different entities of the same application.
Preferably, the application process not having the private application access right includes: the application package name and the instance identifier corresponding to the application process are not matched with the application package name and the instance identifier recorded in the privacy application list; the application process having the private application access right comprises the following steps: and the application package name and the instance identifier corresponding to the application process are matched with the application package name and the instance identifier recorded in the privacy application list.
In the embodiment of the present invention, in the above description, when an application calls an interface provided by a privacy application to access the privacy application, it is first determined whether the application has an access right of the privacy application, and first, an application package name and an instance identifier of all the privacy applications stored in the application package name and the instance identifier are obtained by calling a privacy application list in a privacy application service, and the application package name and the instance identifier of the application accessing the privacy application are matched with the application package name and the instance identifier, if matching is successful, it is determined that the application has the access right of the privacy application, and if matching is unsuccessful, the application does not have the access right of the privacy application.
Preferably, in another embodiment of the present invention, the method further comprises:
step A303, generating an application interface of a privacy service system; the application interface simulates a system display interface of the mobile terminal.
In the embodiment of the invention, when managing the privacy application, an entry icon aiming at the privacy service system is established in a display interface of the system, the form of the entry icon is consistent with that of other application icons of the mobile terminal, when a user clicks the icon, the entry icon enters the privacy service system, as shown in fig. 2A, when the entry icon enters the system, the user is required to input a preset password, the password is also stored in the privacy application service, if the verification is passed, the entry icon enters the display interface of the system, as shown in fig. 2B, the display interface of the system is completely consistent with the current display interface of the mobile terminal, and comprises the size, the position, the number and a notification bar of the displayed icon, in the display interface of the privacy service system, the display position of the privacy application icon can be changed according to the dragging operation of the user, and the clicking operation of a plus sign icon can also be carried out according to the display interface, a new privacy application is added.
Preferably, step a303 specifically includes:
a substep a3031, inheriting a view container class used by the mobile terminal system for setting a display interface;
in the embodiment of the invention, in order to realize the effect that the display interface of the privacy service system is completely consistent with the display interface of the system, the View container class (ViewGroup) used by the system during development and the corresponding View setting parameters in the View container class (ViewGroup) are inherited, and the image user interface of the android program is formed by a hierarchical View (View) and a ViewGroup object. The View object is typically a component on the display interface of a button (button) or text field (text field), and the Viewgroup object is an invisible View container that defines the layout of the sub-views, such as a grid layout or a vertical list. Through inheritance of the ViewGroup, the effect that the application interface of the privacy service system simulates the system display interface of the mobile terminal is achieved.
And a substep A3032, calling an interface setting interface of the view container class, and setting an application interface into a system display interface form of the mobile terminal.
In the embodiment of the invention, after all settings and parameters of the ViewGroup are inherited, after a privacy service system is opened and a system interface of the privacy service system is entered, an interface provided by the ViewGroup is called, and icons of various applications are displayed in the system interface of the service system in the same form of the system interface according to the mapping relation between the ViewGroup and examples of various privacy applications and various services of a framework layer.
Preferably, in another embodiment of the present invention, after step a303, the method further includes:
step A304, receiving a click operation of adding a privacy application on an application interface of a privacy service system;
in the embodiment of the invention, after an application interface of the privacy service system is generated, when a user wants to add a new privacy application in the privacy service system, the method can be realized by clicking a plus sign button in the application interface of the privacy service system, and when the plus sign button is clicked, a list of all installed applications of the system can be displayed for the user to select. Of course, the privacy application may be added in a setting bar of the system, and is not necessarily a "plus" button on the display interface, which is not limited in the embodiment of the present invention.
Step A305, displaying an application list installed in the mobile terminal according to the clicking operation;
in the embodiment of the invention, after a user clicks a menu bar or a plus sign button for adding the privacy application, a list of all installed applications of the system is displayed for the user to select, wherein the name of the application added as the privacy application is not included. Of course, in an actual application, when all applications installed in the system are displayed, a window may also be popped up, and all application identifiers that can be added as privacy applications are displayed in the window for a user to select.
Taking the android system as an example, all Installed application Packages can be acquired through a function "Get instruction Packages", then the acquired package names are compared with the application package names in the privacy application list, and names of applications except the applications included in the privacy application list are displayed in the form of a list.
Step A306, displaying the icon of the application in the application interface of the privacy service system according to the selection operation of the application in the application list.
In the embodiment of the invention, when a list which is selected by a user and can be added as a privacy application or an application icon window is popped up in a system interface or a setting interface of a system, the user can determine the selection of an application by clicking an application name or an icon, and when the user determines that the selected application is added as the privacy application, the icon of the application is displayed on the application interface of the private service system.
Preferably, step a306 specifically includes: substep S3061-substep S3063.
Substep S3061, add the application package name and instance identification of the application to the privacy application list.
In the embodiment of the invention, after the icon of the newly added privacy application is displayed on the display interface of the privacy service system, the packet name and the instance identifier of the privacy application are acquired at the same time, and are added into the privacy application list established in the privacy application service in the frame layer. In many double-split applications, the same application has two split entities, and when the system calls interfaces provided by the two applications, in order to distinguish the two split entities, the system adds an instance identifier to the application package name when generating the split application, where the instance identifier of the first split entity is generally displayed as 0, and the instance identifier of the second split entity is 1, although the form of the instance identifier may be various, which is not limited in the embodiment of the present invention.
Substep a3062, sending a message to an application interface icon display interface of the privacy service system that the privacy application was successfully installed.
In the embodiment of the invention, after a user adds a new privacy application in the privacy service system, to display the icon of the privacy application in the display interface of the privacy service system, a message that the privacy application is successfully installed needs to be sent to the icon display interface of the privacy service system.
And a substep A3063 of displaying the icon of the corresponding privacy application in the message in an application interface of the privacy service system according to the received message that the privacy application is successfully installed.
In the embodiment of the present invention, according to the description of step S3062, after the icon display interface of the display interface in the privacy service system receives the message that the application is successfully installed, the icon of the application is displayed on the system display interface.
Step A307, deleting the icon of the application in the display interface of the system.
In the embodiment of the invention, when the newly added icon of the privacy application is displayed in the application interface of the privacy service system, the icon of the application is hidden outside the privacy service system, and a user can see the privacy application only when the privacy service system is opened and the user enters the display interface of the privacy service system.
Preferably, step a307 specifically includes:
and a substep A3071, sending a message that the privacy application is successfully uninstalled to an icon display interface of a display interface of the mobile terminal.
In the embodiment of the present invention, similarly, to hide the application icon added as the privacy application in the system interface of the mobile terminal, a message that the application has been successfully deleted needs to be sent to the icon display interface of the system, and of course, the message is only a masquerading message, and is not a true deletion of the application.
And a substep A3072, deleting the icon of the corresponding privacy application in the message in the display interface of the mobile terminal according to the received message that the privacy application is successfully uninstalled.
In the embodiment of the present invention, according to the description of step S3071, after the icon display interface of the privacy service system receives the message, the icon of the application is deleted from the display interface of the system.
In practical application, if a user deletes a privacy application in the privacy service system, the system sends a message that the application is successfully deleted to an icon display interface of a display interface in the privacy service system, the icon display interface of the display interface in the privacy service system receiving the message deletes an icon corresponding to the application, and the privacy application is not deleted actually, but the privacy application is identified as a non-privacy application, the name of the application is deleted from a privacy application list, and the icon of the application is redisplayed on the display interface of the mobile terminal system by using the sent message that the application is installed in a disguised manner successfully.
In practical application, after an icon of the privacy application is added to a management/display interface of the privacy service system, if a trigger operation of the application is received, a step of judging whether a management process of the privacy service system is in an open state is carried out.
Preferably, in another embodiment of the present invention, after step 301C, the method further includes:
step A308, if the management process of the privacy service system is in an open state, sending the message of the notification sending interface, and displaying the notification in a notification bar.
In the embodiment of the present invention, on the contrary, if the management process of the privacy service system is in an open state, it indicates that the current privacy service system is open, and the user can operate and manage the application and data in the privacy service system, at this time, if the privacy application in the privacy service system calls the message of the notification sending interface of the system, the message is sent, the message sending interface is successfully called, and the notification is displayed in the notification bar of the privacy service system.
Preferably, in another embodiment of the present invention, before step 301D, the method further includes:
step A309, determining whether the privacy application has the authority to invoke the notification transmission interface.
In the embodiment of the invention, if it is detected that a privacy application sends a message for calling a notification sending interface and a management process of a privacy service system is in a closed state, whether the privacy application has the permission for sending the notification, that is, whether the privacy application has the permission for calling the notification sending interface is further confirmed, wherein, by matching the name of the application with the name of the application in a preset permission list, whether the application has the permission for sending the notification can be judged.
Of course, the preset authority list may be set by the user actively, or may be added by default when the privacy application service is registered, which is not limited in the embodiment of the present invention.
Step A310, if the management process of the privacy service system is in a closed state, deleting the history notification displayed in the notification bar.
In the embodiment of the invention, when the management process of the privacy service system is in an open state, the notification sent by the privacy application displayed in the notification bar of the privacy service system is sent, and then, when the management process of the privacy service system is detected to be in a closed state, the privacy application in the privacy service system cannot call the notification sending interface of the system, if the notification sending interface of the privacy application calling system is detected at the moment, the message calling the notification sending interface of the system is filtered, and the historical notification displayed in the notification bar of the privacy service system before is deleted.
Step a311, determining whether the privacy application has the authority to invoke the notification transmission interface.
In the embodiment of the invention, if it is detected that a privacy application sends a message for calling a notification sending interface and a management process of a privacy service system is in a closed state, whether the privacy application has the permission for sending the notification, that is, whether the privacy application has the permission for calling the notification sending interface is further confirmed, wherein, by matching the name of the application with the name of the application in a preset permission list, whether the application has the permission for sending the notification can be judged.
Step A312, if the management process of the privacy service system is in an open state, sending the message of the notification sending interface, and displaying the notification in a notification bar.
In the embodiment of the present invention, on the contrary, if the management process of the privacy service system is in an open state, it indicates that the current privacy service system is open, and the user can operate and manage the application and data in the privacy service system, at this time, if the privacy application in the privacy service system calls the message of the notification sending interface of the system, the message is sent, the message sending interface is successfully called, and the notification is displayed in the notification bar of the privacy service system.
In the embodiment of the invention, by adding a privacy application service in a system service, when receiving an operation of adding a privacy application by a user, adding application information into a privacy application list, verifying the authority of accessing the privacy application for other applications calling the privacy application, shielding a process calling the privacy application if the authority is not available, filtering a message calling a notification interface after verifying that the application is the privacy application when the privacy application calls the system notification interface, encrypting data written by the process or decrypting data read by the process through an encryption or decryption algorithm provided by a user space file system when a management process of the privacy service system is in an open state, realizing systematized management of the privacy application, and protecting the privacy application from the non-privacy application by distinguishing the privacy application, the protection level of the privacy application information is improved.
For simplicity of explanation, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will appreciate that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently with other steps in accordance with the embodiments of the invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Referring to fig. 4, a block diagram illustrating a structure of an embodiment of a cloud privacy data display apparatus according to the present invention may specifically include the following modules:
a request receiving module 401, configured to receive a cloud data access request;
a judging module 402, configured to judge whether the cloud data access request is sent by a privacy service system, if so, enter a displaying module 404, and otherwise, enter a hiding module 403;
a hiding module 403, configured to disallow display of the private data in a display interface of the client if the cloud data access request is not sent by the privacy service system;
a display module 404, configured to allow the private data to be displayed in a display interface of the client if the cloud data access request is sent by the privacy service system.
In the embodiment of the invention, whether the cloud data access request is sent by the privacy service system is judged by receiving the cloud data access request, if not, the privacy data is not allowed to be displayed in the display interface of the client, and if the cloud data access request is sent by the privacy service system, the privacy data is allowed to be displayed in the display interface of the client. Therefore, the problem that some private data and common data are displayed on a display interface of cloud storage and can be leaked out inadvertently is solved, and the method has the beneficial effect of protecting the private data at the cloud end by further verifying the identification of the privacy service system.
Referring to fig. 5, a block diagram illustrating a structure of an embodiment of a cloud privacy data display apparatus according to the present invention may specifically include the following modules:
the uploading module 501 is configured to receive privacy data uploaded by a client in a privacy space of the privacy service system and store the privacy data.
A request receiving module 502, configured to receive a cloud data access request;
a judging module 503, configured to judge whether the cloud data access request is sent by a privacy service system;
preferably, the judging module 503 specifically includes:
the determining sub-module 5031 is configured to determine whether the cloud data access request includes a privacy identifier for a privacy service system, if so, enter the second determining sub-module 5033, otherwise, enter the first determining sub-module 5032;
a first determining sub-module 5032, configured to determine that the access request is not sent by the privacy service system if the cloud data access request does not include the privacy identifier.
A second determining sub-module 5033, configured to determine that the access request is sent by a privacy service system if the cloud data access request includes the privacy identifier.
A hiding module 504, configured to disallow display of the private data in a display interface of the client if the cloud data access request is not sent by the privacy service system;
preferably, the hiding module 504 specifically includes:
and the hiding submodule is used for hiding the private data display entrance component in the cloud data display page returned to the client.
Preferably, in another embodiment of the present invention, the method further comprises:
the verification code receiving module is used for receiving a privacy verification code used for displaying privacy data;
and the privacy data display module is used for allowing the privacy data to be displayed in a display interface of the client when the privacy verification code passes verification.
A display module 505, configured to allow the private data to be displayed in a display interface of the client if the cloud data access request is sent by the privacy service system. The display module 505 specifically includes:
and the display sub-module is used for displaying the private data display entry component in the cloud data display page returned to the client. Preferably, the display sub-module specifically includes: and the display unit is used for acquiring corresponding privacy data and returning the privacy data to the client for display when receiving a privacy data display request triggered by the client through the entrance component. The private data display portal component comprises: and a control corresponding to the private folder directory.
In the embodiment of the invention, the method comprises the steps of receiving privacy data in a privacy space of a privacy service system uploaded by a client and storing the privacy data, receiving a cloud data access request, judging whether the cloud data access request comprises a privacy identifier, if not, not allowing the privacy data to be displayed in a display interface of the client, if so, allowing the privacy data to be displayed in the display interface of the client, further receiving a privacy verification code for displaying the privacy data, and if the privacy verification code passes verification, allowing the privacy data to be displayed in the display interface of the client, otherwise, not displaying. Therefore, the problem that some private data and common data are displayed on a display interface of cloud storage and can be leaked inadvertently is solved, and the method has the beneficial effect of protecting the private data at the cloud end by further verifying the identification of the privacy service system.
Referring to fig. 6, a block diagram illustrating a structure of an embodiment of a cloud privacy data display apparatus according to the present invention may specifically include the following modules:
the privacy service system state judgment module 601 is configured to judge whether a management process of the privacy service system is in an open state after receiving an access operation of accessing a cloud data display page of a cloud server, if so, enter the display request sending module 602, and otherwise, enter the hidden request sending module 603;
a display request sending module 602, configured to send a cloud data access request including a privacy identifier to the cloud server if a management process of the privacy service system is in an on state, so as to notify the cloud server to return a display page allowing display of privacy data for display;
a hidden request sending module 603, configured to send a data access request that does not include the privacy identifier to the cloud server if the associated process of the privacy service system is in a closed state, so as to notify the cloud server to return a display page that does not allow the privacy data to be displayed for display.
Preferably, the display interface allowing the display of the private data includes: a presentation page displaying the private data display portal component; the display interface which does not allow the private data to be displayed comprises the following steps: the display page of the private data display entry component is hidden.
Preferably, the method further comprises the following steps:
the privacy application service module is used for receiving an instruction of adding each application into the privacy application service so as to add each application information into the privacy application list; the privacy application service is registered in a system service list;
the shielding module is used for shielding the privacy application in the privacy application list for the application process if the application process calling the privacy application in the privacy application list is detected not to have the privacy application access authority;
the privacy service system judgment module is used for judging whether the management process of the privacy service system is in a closed state or not if the privacy application is detected to send a message for calling a notification sending interface;
and the filtering module is used for filtering the message if the management process of the privacy service system is in a closed state.
Preferably, the method further comprises the following steps:
the detection module is used for judging whether the management process of the privacy service system is in an open state or not if detecting that the application calling the privacy application in the privacy application list has the privacy application access authority;
the encryption and decryption module is used for encrypting the data written in the process or decrypting the data read by the process through encryption or decryption services provided by the encryption and decryption management services if the management process of the privacy service system is in an open state; the encryption and decryption management service is registered in a system service list.
Preferably, in another embodiment of the present invention, the method further comprises:
and the encryption state returning module is used for returning the state and the quantity of the encrypted and decrypted data to the application process calling the encryption and decryption interface through the encryption and decryption interface by the encryption and decryption management service.
And the package name and instance identifier acquisition module is used for calling the application package management service to acquire the package name and the corresponding instance identifier of the application corresponding to the application process.
The privacy service system interface generating module is used for generating an application interface of the privacy service system; the application interface simulates a system display interface of the mobile terminal.
Preferably, the privacy service system interface generating module specifically includes:
the class inheritance submodule is used for inheriting a view container class of the mobile terminal system, which is used for setting a display interface;
and the display sub-module is used for calling an interface setting interface of the view container class and setting an application interface into a system display interface form of the mobile terminal.
The system comprises a click operation receiving module, a privacy service system and a control module, wherein the click operation receiving module is used for receiving click operation of adding privacy application on an application interface of the privacy service system;
the application list display module is used for displaying an application list installed in the mobile terminal according to the clicking operation;
and the application display module is used for displaying the icon of the application in the application interface of the privacy service system according to the selection operation of the application in the application list.
In the embodiment of the invention, when a list which is selected by a user and can be added as a privacy application or an application icon window is popped up in a system interface or a setting interface of a system, the user can determine the selection of an application by clicking an application name or an icon, and when the user determines that the selected application is added as the privacy application, the icon of the application is displayed on the application interface of the private service system.
Preferably, the application display module specifically includes:
and the adding submodule is used for adding the application package name and the instance identifier of the application into the privacy application list.
And the disguised message sending sub-module is used for sending a message that the privacy application is successfully installed to an application interface icon display interface of the privacy service system.
And the display sub-module is used for displaying the corresponding privacy application icon in the message in an application interface of the privacy service system according to the received message that the privacy application is installed successfully.
And the icon deleting module is used for deleting the icon of the application in a display interface of the system.
And the uninstalling message sending submodule is used for sending a message that the privacy application is successfully uninstalled to an icon display interface of a display interface of the mobile terminal.
And the deleting submodule is used for deleting the corresponding icon of the privacy application in the message in the display interface of the mobile terminal according to the received message that the privacy application is successfully uninstalled.
And the notification display module is used for sending the message of the notification sending interface and displaying the notification in a notification bar if the management process of the privacy service system is in an open state.
And the permission judging module is used for judging whether the privacy application has the permission of calling the notification sending interface.
And the permission judging module is used for judging whether the privacy application has the permission of calling the notification sending interface.
And the notification display module is used for sending the message of the notification sending interface and displaying the notification in a notification bar if the management process of the privacy service system is in an open state.
And the history notification deleting module is used for deleting the history notification displayed in the notification bar if the management process of the privacy service system is in a closed state.
In the embodiment of the invention, the open state of the current privacy application service is judged by a privacy service system state judgment module, when the operation of adding privacy application by a user is received, application information is added to a privacy application list by a privacy application service module, the authority of the other applications for calling the privacy application to access the privacy application is verified, if no authority exists, the process for calling the privacy application is shielded by a shielding module, and when the privacy application calls a system notification interface, the information for calling the notification interface is filtered after the privacy application is verified to be the privacy application, and when the management process of the privacy service system is in the open state, the data written in the process is encrypted or the data read by the process is decrypted by an encryption or decryption algorithm provided by a user space file system in an encryption and decryption module, the method also comprises the steps of sending a message of the notification sending interface and displaying the notification in a notification bar by a notification display module if the management process of the privacy service system is in an open state, and deleting the history notification displayed in the notification bar by a history notification deletion module if the management process of the privacy service system is in a closed state. The method and the device realize the systematized management of the privacy application, respectively distinguish the privacy application from the non-privacy application to protect in the state that the privacy application system is opened and closed, and improve the protection level of the privacy application information.
Fig. 7 shows only a portion related to the embodiment of the present invention for convenience of description, and please refer to the method portion of the embodiment of the present invention for details that are not disclosed. The terminal may be any terminal device including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (point of Sales), a vehicle-mounted computer, etc., taking the terminal as the mobile phone as an example:
fig. 7 is a block diagram illustrating a structure of a handset portion of a mobile terminal according to an embodiment of the present invention. Referring to fig. 7, the handset includes: radio Frequency (RF) circuit 710, memory 720, input unit 730, display unit 740, sensor 750, audio circuit 760, wireless fidelity (WiFi) module 770, processor 780, and power supply 790. Those skilled in the art will appreciate that the handset configuration shown in fig. 7 is not intended to be limiting and may include more or fewer components than shown, or some components may be combined, or a different arrangement of components.
The following describes each component of the mobile phone in detail with reference to fig. 7:
the RF circuit 710 may be used for receiving and transmitting signals during information transmission and reception or during a call, and in particular, receives downlink information of a base station and then processes the received downlink information to the processor 780; in addition, data for the design uplink is transmitted to the base station. In general, the RF circuit 710 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like. In addition, the RF circuit 710 may also communicate with networks and other devices via wireless communication. The wireless communication may use any communication standard or protocol, including but not limited to Global System for Mobile communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), email, Short Message Service (SMS), and the like.
The memory 720 may be used to store software programs and modules, and the processor 780 may execute various functional applications and data processing of the cellular phone by operating the software programs and modules stored in the memory 720. The memory 720 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 720 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The input unit 730 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the cellular phone. Specifically, the input unit 730 may include a touch panel 731 and other input devices 732. The touch panel 731, also referred to as a touch screen, can collect touch operations of a user (e.g., operations of the user on or near the touch panel 731 by using any suitable object or accessory such as a finger, a stylus, etc.) and drive corresponding connection devices according to a preset program. Alternatively, the touch panel 731 may include two portions of a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects signals caused by touch operation and transmits the signals to the touch controller; the touch controller receives touch information from the touch sensing device, converts it to touch point coordinates, and sends the touch point coordinates to the processor 780, and can receive and execute commands from the processor 780. In addition, the touch panel 731 may be implemented in various types, such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. In addition to the touch panel 731, the input unit 730 may include other input devices 732. In particular, other input devices 732 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 740 may be used to display information input by the user or information provided to the user and various menus of the mobile phone. The display unit 740 may include a display panel 741, and optionally, the display panel 741 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch panel 731 can cover the display panel 741, and when the touch panel 731 detects a touch operation on or near the touch panel 731, the touch operation is transmitted to the processor 780 to determine the type of the touch event, and then the processor 780 provides a corresponding visual output on the display panel 741 according to the type of the touch event. Although the touch panel 731 and the display panel 741 are shown as two separate components in fig. 7 to implement the input and output functions of the mobile phone, in some embodiments, the touch panel 731 and the display panel 741 may be integrated to implement the input and output functions of the mobile phone.
The handset may also include at least one sensor 750, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that adjusts the brightness of the display panel 741 according to the brightness of ambient light, and a proximity sensor that turns off the display panel 741 and/or a backlight when the mobile phone is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the magnitude of acceleration in each direction (generally, three axes), can detect the magnitude and direction of gravity when stationary, and can be used for applications of recognizing the posture of a mobile phone (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), vibration recognition related functions (such as pedometer and tapping) and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the mobile phone, further description is omitted here.
Audio circuitry 760, speaker 761, and microphone 762 may provide an audio interface between a user and a cell phone. The audio circuit 760 can transmit the electrical signal converted from the received audio data to the speaker 761, and the electrical signal is converted into a sound signal by the speaker 761 and output; on the other hand, the microphone 762 converts the collected sound signal into an electric signal, converts the electric signal into audio data after being received by the audio circuit 760, and then processes the audio data output processor 780, and then transmits the audio data to, for example, another cellular phone through the RF circuit 710, or outputs the audio data to the memory 720 for further processing.
WiFi belongs to short-distance wireless transmission technology, and the mobile phone can help a user to receive and send e-mails, browse webpages, access streaming media and the like through the WiFi module 770, and provides wireless broadband Internet access for the user. Although fig. 7 shows the WiFi module 770, it is understood that it does not belong to the essential constitution of the handset, and it can be omitted entirely within the scope not changing the essence of the invention as needed.
The processor 780 is a control center of the mobile phone, connects various parts of the entire mobile phone by using various interfaces and lines, and performs various functions of the mobile phone and processes data by operating or executing software programs and/or modules stored in the memory 720 and calling data stored in the memory 720, thereby integrally monitoring the mobile phone. Optionally, processor 780 may include one or more processing units; preferably, the processor 780 may integrate an application processor, which primarily handles operating systems, user interfaces, applications, etc., and a modem processor, which primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into processor 780.
The handset also includes a power supply 790 (e.g., a battery) for powering the various components, which may preferably be logically coupled to the processor 780 via a power management system, so as to manage charging, discharging, and power consumption management functions via the power management system.
Although not shown, the mobile phone may further include a camera, a bluetooth module, etc., which are not described herein.
In this embodiment of the present invention, the processor 780 included in the terminal further has the following functions: receiving a cloud data access request; judging whether the cloud data access request is sent by a privacy service system; if the cloud data access request is not sent by the privacy service system, the privacy data is not allowed to be displayed in a display interface of the client; and if the cloud data access request is sent by the privacy service system, allowing the privacy data to be displayed in a display interface of the client.
An embodiment of the present invention further provides a server 800, as shown in fig. 8, including a processor 801 and a memory 802, where the memory 801 is connected to the processor 802,
the memory 801 is used for storing a program for executing the cloud privacy data display method;
the processor 802 is configured to execute programs stored in the memory.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical functional division, and in actual implementation, there may be other divisions, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a hardware form, and can also be realized in a software functional unit form.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or the like.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the above embodiments may be implemented by relevant hardware through a program, and the program may be stored in a computer readable storage medium, and the above mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
In the above, the cloud private data display method and apparatus, the server and the mobile terminal provided by the present invention are described in detail, and for a person skilled in the art, according to the idea of the embodiment of the present invention, there may be changes in the specific implementation and application scope.

Claims (24)

1. A cloud privacy data display method is characterized by comprising the following steps:
receiving a cloud data access request;
judging whether the cloud data access request is sent by a privacy service system;
if the cloud data access request is not sent by the privacy service system, the privacy data are not allowed to be displayed in a display interface of the client, and the privacy data are data stored in the cloud server; receiving a privacy verification code for displaying privacy data; when the verification of the privacy verification code passes, allowing the privacy data to be displayed in a display interface of the client;
and if the cloud data access request is sent by the privacy service system, allowing the privacy data to be displayed in a display interface of the client.
2. The method of claim 1, wherein the step of determining whether the cloud data access request is sent by a privacy service system comprises:
judging whether the cloud data access request comprises a privacy identification aiming at a privacy service system;
if the cloud data access request does not comprise the privacy identification, determining that the access request is not sent by a privacy service system;
if the cloud data access request comprises the privacy identification, determining that the access request is sent by a privacy service system.
3. The method of claim 1, wherein the step of disallowing display of private data in a display interface of a client comprises:
and hiding the private data display entrance component in a cloud data display page returned to the client.
4. The method of claim 1, wherein the step of allowing the display of the private data in the display interface of the client comprises:
and displaying the private data display entry component in a cloud data display page returned to the client.
5. The method of claim 4, wherein the step of displaying the private data display entry component in the cloud data presentation page returned to the client comprises:
and when a private data display request triggered by the client through the entrance component is received, acquiring corresponding private data and returning the private data to the client for display.
6. The method of claim 4, wherein the private data display portal component comprises: and a control corresponding to the private folder directory.
7. The method of claim 1, further comprising, prior to the step of receiving a cloud data access request:
and receiving the privacy data in the privacy space of the privacy service system uploaded by the client and storing the privacy data.
8. A cloud privacy data display method is characterized by comprising the following steps:
after receiving an access operation of accessing a cloud data display page of a cloud server, judging whether a management process of a privacy service system is in an open state;
if the management process of the privacy service system is in an open state, sending a cloud data access request comprising a privacy identification to the cloud server to inform the cloud server to return a display page allowing privacy data to be displayed for displaying, wherein the privacy data are data stored in the cloud server;
and if the associated process of the privacy service system is in a closed state, sending a data access request without the privacy identification to the cloud server so as to inform the cloud server to return a display page which does not allow the privacy data to be displayed for displaying.
9. The method of claim 8, wherein the presentation interface that allows display of private data comprises: a presentation page displaying the private data display portal component;
the display interface which does not allow the private data to be displayed comprises the following steps: the presentation page of the private data display portal component is hidden.
10. The method according to claim 8, wherein before the step of determining whether the management process of the privacy service system is in an open state after receiving an access operation to access the cloud data presentation page of the cloud server, the method further comprises:
receiving an instruction of adding each application to the privacy application service so as to add each application information to the privacy application list; the privacy application service is registered in a system service list;
if the application process calling the privacy application in the privacy application list is detected not to have the privacy application access authority, the privacy application in the privacy application list is shielded for the application process;
if the privacy application is detected to send a message for calling a notification sending interface, judging whether the management process of the privacy service system is in a closed state;
and if the management process of the privacy service system is in a closed state, filtering the message.
11. The method according to claim 8, wherein before the step of determining whether the management process of the privacy service system is in an open state after receiving an access operation to access the cloud data presentation page of the cloud server, the method further comprises:
if the fact that the application calling the privacy application in the privacy application list has the privacy application access right is detected, whether a management process of the privacy service system is in an open state or not is judged;
if the management process of the privacy service system is in an open state, encrypting the data written in the process or decrypting the data read by the process through an encryption or decryption service provided by an encryption and decryption management service; the encryption and decryption management service is registered in a system service list.
12. A cloud privacy data display apparatus, comprising:
the request receiving module is used for receiving a cloud data access request;
the judging module is used for judging whether the cloud data access request is sent by a privacy service system;
the hiding module is used for disallowing the private data to be displayed in a display interface of the client if the cloud data access request is not sent by the private service system, wherein the private data is data stored in the cloud server;
the verification code receiving module is used for receiving a privacy verification code used for displaying privacy data;
the privacy data display module is used for allowing the privacy data to be displayed in a display interface of the client when the privacy verification code passes verification;
and the display module is used for allowing the private data to be displayed in a display interface of the client if the cloud data access request is sent by the privacy service system.
13. The apparatus of claim 12, wherein the determining module comprises:
the judgment sub-module is used for judging whether the cloud data access request comprises a privacy identification aiming at a privacy service system;
a first determining sub-module, configured to determine that the access request is not sent by a privacy service system if the cloud data access request does not include the privacy identifier;
a second determining sub-module, configured to determine that the access request is sent by a privacy service system if the cloud data access request includes the privacy identifier.
14. The apparatus of claim 12, wherein the concealment module comprises:
and the hiding submodule is used for hiding the private data display entrance component in the cloud data display page returned to the client.
15. The apparatus of claim 12, wherein the display module comprises:
and the display sub-module is used for displaying the private data display entry component in the cloud data display page returned to the client.
16. The apparatus of claim 15, wherein the display sub-module comprises:
and the display unit is used for acquiring corresponding privacy data and returning the privacy data to the client for display when receiving a privacy data display request triggered by the client through the entrance component.
17. The apparatus of claim 15, wherein the private data display portal component comprises: and a control corresponding to the private folder directory.
18. The apparatus of claim 12, further comprising:
and the uploading module is used for receiving the privacy data uploaded by the client in the privacy space of the privacy service system and storing the privacy data.
19. A cloud privacy data display apparatus, comprising:
the privacy service system state judgment module is used for judging whether the management process of the privacy service system is in an open state or not after receiving the access operation of accessing the cloud data display page of the cloud server;
the display request sending module is used for sending a cloud data access request including a privacy identifier to the cloud server to inform the cloud server to return a display page allowing privacy data to be displayed for displaying if a management process of the privacy service system is in an open state, wherein the privacy data is data stored in the cloud server;
and the hidden request sending module is used for sending a data access request which does not include the privacy identification to the cloud server if the associated process of the privacy service system is in a closed state so as to inform the cloud server to return a display page which does not allow the privacy data to be displayed for displaying.
20. The apparatus of claim 19, wherein the presentation interface that allows display of private data comprises: a presentation page displaying the private data display portal component;
the display interface which does not allow the private data to be displayed comprises the following steps: the presentation page of the private data display portal component is hidden.
21. The apparatus of claim 19, further comprising:
the privacy application service module is used for receiving an instruction of adding each application into the privacy application service so as to add each application information into the privacy application list; the privacy application service is registered in a system service list;
the shielding module is used for shielding the privacy application in the privacy application list for the application process if the application process calling the privacy application in the privacy application list is detected not to have the privacy application access authority;
the privacy service system judgment module is used for judging whether the management process of the privacy service system is in a closed state or not if the privacy application is detected to send a message for calling a notification sending interface;
and the filtering module is used for filtering the message if the management process of the privacy service system is in a closed state.
22. The apparatus of claim 19, further comprising:
the detection module is used for judging whether the management process of the privacy service system is in an open state or not if detecting that the application calling the privacy application in the privacy application list has the privacy application access authority;
the encryption and decryption module is used for encrypting the data written in the process or decrypting the data read by the process through encryption or decryption services provided by the encryption and decryption management services if the management process of the privacy service system is in an open state; the encryption and decryption management service is registered in a system service list.
23. A server, comprising a processor and a memory,
the memory is used for storing a program for executing the cloud privacy data display method of any one of claim 1 to claim 7;
the processor is configured to execute programs stored in the memory.
24. A mobile terminal comprising a processor and a memory,
the memory is used for storing a program for executing the cloud privacy data display method of any one of claim 8 to claim 11;
the processor is configured to execute programs stored in the memory.
CN201710262874.8A 2017-04-20 2017-04-20 Cloud privacy data display method and device, server and mobile terminal Active CN107040540B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710262874.8A CN107040540B (en) 2017-04-20 2017-04-20 Cloud privacy data display method and device, server and mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710262874.8A CN107040540B (en) 2017-04-20 2017-04-20 Cloud privacy data display method and device, server and mobile terminal

Publications (2)

Publication Number Publication Date
CN107040540A CN107040540A (en) 2017-08-11
CN107040540B true CN107040540B (en) 2020-06-09

Family

ID=59536112

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710262874.8A Active CN107040540B (en) 2017-04-20 2017-04-20 Cloud privacy data display method and device, server and mobile terminal

Country Status (1)

Country Link
CN (1) CN107040540B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107562879A (en) * 2017-09-01 2018-01-09 精硕科技(北京)股份有限公司 List inquiry processing method and device
CN107742077B (en) * 2017-10-09 2020-01-03 武汉斗鱼网络科技有限公司 Method and device for preventing information leakage in live game
CN110166564B (en) * 2019-05-28 2023-09-05 北京小米移动软件有限公司 Information communication method, terminal and storage medium
CN110784404B (en) * 2019-10-08 2022-03-25 烽火通信科技股份有限公司 Method and device for adjusting multi-network-port equipment application program package sending strategy
CN112380568A (en) * 2020-11-30 2021-02-19 腾讯科技(北京)有限公司 Data management method and device, computer equipment and storage medium
CN113505099A (en) * 2021-05-11 2021-10-15 深圳软牛科技有限公司 File hiding method, device, equipment and storage medium of Windows system
CN113836173B (en) * 2021-10-11 2024-05-31 百度在线网络技术(北京)有限公司 Data processing method and device, electronic equipment and storage medium
CN115982503B (en) * 2023-02-07 2023-10-13 深圳慧梧科技有限公司 Website information acquisition method and system based on cloud platform

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1770171A (en) * 2004-11-04 2006-05-10 国际商业机器公司 Method for enabling a trusted dialog for collection of sensitive data
CN103577761A (en) * 2013-10-25 2014-02-12 北京奇虎科技有限公司 Method and device for processing privacy data in mobile equipment
CN104102358A (en) * 2014-07-18 2014-10-15 北京奇虎科技有限公司 Privacy information protecting method and privacy information protecting device
CN104573456A (en) * 2014-12-29 2015-04-29 深圳市金立通信设备有限公司 Terminal interface control method
CN105956444A (en) * 2016-05-04 2016-09-21 北京奇虎科技有限公司 Private application display method and device and terminal equipment
CN106485102A (en) * 2015-08-26 2017-03-08 北京奇虎科技有限公司 Application control method, application program controlling device and terminal
CN106485137A (en) * 2015-08-26 2017-03-08 北京奇虎科技有限公司 Application control method, application program controlling device and terminal
CN106503580A (en) * 2016-10-13 2017-03-15 深圳市金立通信设备有限公司 A kind of guard method of private data and terminal

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8880880B2 (en) * 2011-07-29 2014-11-04 Qualcomm Incorporated Facilitating access control in peer-to-peer overlay networks
US9369471B2 (en) * 2013-10-09 2016-06-14 Foxwordy Inc. Interaction privacy in a default network

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1770171A (en) * 2004-11-04 2006-05-10 国际商业机器公司 Method for enabling a trusted dialog for collection of sensitive data
CN103577761A (en) * 2013-10-25 2014-02-12 北京奇虎科技有限公司 Method and device for processing privacy data in mobile equipment
CN104102358A (en) * 2014-07-18 2014-10-15 北京奇虎科技有限公司 Privacy information protecting method and privacy information protecting device
CN104573456A (en) * 2014-12-29 2015-04-29 深圳市金立通信设备有限公司 Terminal interface control method
CN106485102A (en) * 2015-08-26 2017-03-08 北京奇虎科技有限公司 Application control method, application program controlling device and terminal
CN106485137A (en) * 2015-08-26 2017-03-08 北京奇虎科技有限公司 Application control method, application program controlling device and terminal
CN105956444A (en) * 2016-05-04 2016-09-21 北京奇虎科技有限公司 Private application display method and device and terminal equipment
CN106503580A (en) * 2016-10-13 2017-03-15 深圳市金立通信设备有限公司 A kind of guard method of private data and terminal

Also Published As

Publication number Publication date
CN107040540A (en) 2017-08-11

Similar Documents

Publication Publication Date Title
CN107040540B (en) Cloud privacy data display method and device, server and mobile terminal
CN107133498B (en) Privacy application management method and device and mobile terminal
US9703971B2 (en) Sensitive operation verification method, terminal device, server, and verification system
CN111475841B (en) Access control method, related device, equipment, system and storage medium
US8750828B2 (en) Enabling remote and anonymous control of mobile and portable multimedia devices for security, tracking and recovery
CN108536783B (en) Data processing method and device, terminal and computer readable storage medium
CN107038358B (en) Self-starting processing method and device and mobile terminal
TWI606360B (en) Method, apparatus and system for detecting webpages
EP2761429B1 (en) Policy compliance-based secure data access
CN107145794B (en) Data processing method and device and mobile terminal
CN109033885B (en) Data response method, terminal equipment and server
CN106713266B (en) Method, device, terminal and system for preventing information leakage
CN110417543A (en) A kind of data ciphering method, device and storage medium
CN111355732B (en) Link detection method and device, electronic equipment and storage medium
CN108475304B (en) Method and device for associating application program and biological characteristics and mobile terminal
CN103914520B (en) Data query method, terminal device and server
CN110869907A (en) Method and terminal for browsing application page
CN106709282B (en) resource file decryption method and device
CN111475832B (en) Data management method and related device
CN107615294A (en) A kind of identifying code short message display method and mobile terminal
WO2015078274A1 (en) Devices and methods for password storage
US20180268163A1 (en) Context module based personal data protection
CN103036852B (en) A kind of method and device realizing network entry
CN107347059B (en) Vulnerability detection method and detection terminal
CN107133507A (en) A kind of privacy services system access method, device and mobile terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20170803

Address after: 100102, 18 floor, building 2, Wangjing street, Beijing, Chaoyang District, 1801

Applicant after: BEIJING ANYUN SHIJI SCIENCE AND TECHNOLOGY CO., LTD.

Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park)

Applicant before: Beijing Qihu Technology Co., Ltd.

SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant